diff options
author | mdecimus <mauro@stalw.art> | 2024-01-13 12:59:10 +0100 |
---|---|---|
committer | mdecimus <mauro@stalw.art> | 2024-01-13 12:59:10 +0100 |
commit | 6aeadb9cda301ec5f210d8e8390515e6292592fa (patch) | |
tree | e54bcaf4c3628c0d5f2ad819d1b3b3123b3acea2 /resources | |
parent | b7c03445e4c89ef5c1dffe743d01123f5ea473ff (diff) |
Fail2ban and IP address blocking support (closes #164)
Diffstat (limited to 'resources')
-rw-r--r-- | resources/config/common/server.toml | 10 | ||||
-rw-r--r-- | resources/config/common/sieve.toml | 4 | ||||
-rw-r--r-- | resources/config/common/store.toml | 23 | ||||
-rw-r--r-- | resources/config/config.toml | 2 | ||||
-rw-r--r-- | resources/config/jmap/auth.toml | 3 | ||||
-rw-r--r-- | resources/config/jmap/store.toml | 21 | ||||
-rw-r--r-- | resources/config/smtp/listener.toml | 3 |
7 files changed, 31 insertions, 35 deletions
diff --git a/resources/config/common/server.toml b/resources/config/common/server.toml index 273c82de..4de0ce0a 100644 --- a/resources/config/common/server.toml +++ b/resources/config/common/server.toml @@ -5,7 +5,13 @@ [server] hostname = "%{HOST}%" max-connections = 8192 -#proxy-trusted-networks = ["127.0.0.0/8", "::1", "10.0.0.0/8"] + +#[server.proxy] +#trusted-networks = {"127.0.0.0/8", "::1", "10.0.0.0/8"} + +[server.security] +blocked-networks = {} +fail2ban = "100/1d" [server.run-as] user = "stalwart-mail" @@ -25,5 +31,3 @@ backlog = 1024 [global] shared-map = {shard = 32, capacity = 10} #thread-pool = 8 - - diff --git a/resources/config/common/sieve.toml b/resources/config/common/sieve.toml index 322c78f5..d41cee31 100644 --- a/resources/config/common/sieve.toml +++ b/resources/config/common/sieve.toml @@ -47,10 +47,6 @@ return-path = "" no-capability-check = true sign = ["rsa"] -[sieve.trusted.default] -directory = "%{DEFAULT_DIRECTORY}%" -store = "%{DEFAULT_STORE}%" - [sieve.trusted.limits] redirects = 3 out-messages = 5 diff --git a/resources/config/common/store.toml b/resources/config/common/store.toml new file mode 100644 index 00000000..6924769f --- /dev/null +++ b/resources/config/common/store.toml @@ -0,0 +1,23 @@ +############################################# +# Storage configuration +############################################# + +[storage] +data = "%{DEFAULT_STORE}%" +fts = "%{DEFAULT_STORE}%" +blob = "%{DEFAULT_STORE}%" +lookup = "%{DEFAULT_STORE}%" +directory = "%{DEFAULT_DIRECTORY}%" + +[storage.encryption] +enable = true +append = false + +[storage.spam] +header = "X-Spam-Status: Yes" + +[storage.fts] +default-language = "en" + +[storage.cluster] +node-id = 1 diff --git a/resources/config/config.toml b/resources/config/config.toml index b79c9f0c..a2b14cd5 100644 --- a/resources/config/config.toml +++ b/resources/config/config.toml @@ -12,6 +12,7 @@ default_store = "__STORE__" [include] files = [ "%{BASE_PATH}%/etc/common/server.toml", "%{BASE_PATH}%/etc/common/tls.toml", + "%{BASE_PATH}%/etc/common/store.toml", "%{BASE_PATH}%/etc/common/tracing.toml", "%{BASE_PATH}%/etc/common/sieve.toml", "%{BASE_PATH}%/etc/directory/imap.toml", @@ -37,7 +38,6 @@ files = [ "%{BASE_PATH}%/etc/common/server.toml", "%{BASE_PATH}%/etc/jmap/protocol.toml", "%{BASE_PATH}%/etc/jmap/push.toml", "%{BASE_PATH}%/etc/jmap/ratelimit.toml", - "%{BASE_PATH}%/etc/jmap/store.toml", "%{BASE_PATH}%/etc/jmap/websockets.toml", "%{BASE_PATH}%/etc/smtp/auth.toml", "%{BASE_PATH}%/etc/smtp/listener.toml", diff --git a/resources/config/jmap/auth.toml b/resources/config/jmap/auth.toml index 6640ea42..a222d5e6 100644 --- a/resources/config/jmap/auth.toml +++ b/resources/config/jmap/auth.toml @@ -2,9 +2,6 @@ # JMAP authentication & session configuration ############################################# -[jmap] -directory = "%{DEFAULT_DIRECTORY}%" - [jmap.session.cache] ttl = "1h" size = 100 diff --git a/resources/config/jmap/store.toml b/resources/config/jmap/store.toml deleted file mode 100644 index f639bccd..00000000 --- a/resources/config/jmap/store.toml +++ /dev/null @@ -1,21 +0,0 @@ -############################################# -# JMAP server store configuration -############################################# - -[jmap.store] -data = "%{DEFAULT_STORE}%" -fts = "__FTS_STORE__" -blob = "__BLOB_STORE__" - -[jmap.encryption] -enable = true -append = false - -[jmap.spam] -header = "X-Spam-Status: Yes" - -[jmap.fts] -default-language = "en" - -[jmap.cluster] -node-id = 1 diff --git a/resources/config/smtp/listener.toml b/resources/config/smtp/listener.toml index c646c83b..fc4aa45d 100644 --- a/resources/config/smtp/listener.toml +++ b/resources/config/smtp/listener.toml @@ -19,6 +19,3 @@ tls.implicit = true [server.listener."management"] bind = ["127.0.0.1:8080"] protocol = "http" - -[management] -directory = "%{DEFAULT_DIRECTORY}%" |